Security Architect (Remote US)

Location : Remote, United States | Team: Security Engineering

Role Type: Full-Time Employee (Manager)

Medallia is the pioneer and market leader in Experience Management. Our award-winning SaaS platform, Medallia Experience Cloud, leads the market in the understanding and management of experience for candidates, customers, employees, patients, citizens and residents.  

We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole selves to work each day. The strength of our global workforce is the most significant contributor to our success. 

We believe: Every Experience Matters. Talent is Everywhere. All Belong Here.

At Medallia, we hire the whole person.

Medallia’s security team is responsible for the security of the overall Medallia platform and entire global infrastructure. We are looking for exceptional technical engineers, who understand multi-tenant SaaS environments, and will work closely with our global engineering teams and ensure that we build secure and robust software and solutions in the world of SecDevOps. We are looking for a candidate who is passionate about security, has a strong technical background and loves creating innovative solutions to challenging problems.

Medallia is a technology powerhouse and our security challenges cannot be solved by traditional security technologies. This role requires creative thinking and innovative approaches to help stay a step ahead in securing our applications, services and data. This role will be responsible for developing solutions that solve business problems that leverage cutting edge technologies and processes to grow and mature our security program across our product portfolio. This role is far reaching as it will have the ability to impact Medallia’s Federal, Commercial and Corporate environments, driving security initiatives across our entire technical stack.

Specifically, you will:

·      Perform security assessments including architecture review and threat modeling across a multitude of product and corporate technology stacks.
·       Assist and enable engineering and other technology teams to adopt security solutions
·       Provide security advice to cross-functional teams including members from product, engineering, and services organizations
·       Work closely with stakeholders to drive security issues to resolution
·       Develop and mature security guidance including training materials, best practices, security standards across multiple environments taking into account business, contractual and compliance requirements
·       Employ knowledge and deep understanding of threat landscape, SaaS industry, and customer feedback to drive the pipeline of impactful security features in Medallia applications and environments
·       Must meet requirements to obtain security clearances if needed.


Minimun Qualifications:

  • 8+ years experience in deploying security solutions in cloud and on-prem environments
  • Proven experience taking business outcomes and translating to tactical and strategic initiatives
  • Proven ability to work collaboratively across and within teams
  • Strong skills in at least two of the following areas: architecture review, threat modeling, penetration testing, incident response, automated and manual code security testing
  • Knowledge and experience designing security patterns and implementing security best practices
  • Independent problem-solving capabilities and excellent communication skills

Preferred Qualifications:

  • CISSP or CSSLP certification
  • Understanding of CI/CD DevOps tools and ability to build, secure and deploy multi-environment pipelines with secure artifacts, branch control and SAST/DASDT pipeline tasks
  • Knowledge of popular web development frameworks (AngularJS, React, Redux, Velocity, StringTemplate, jQuery, Jackson, THRIFT, etc.) is a plus
  • Proficiency with Python, Ruby, or other scripting languages and the ability to create automation of manual Knowledge of microservices architecture and containers
  • Experience working in a compliance-focused environment 
  • Knowledge of FedRAMP (Federal Risk Authorization Management Program)Knowledge of FISMA (Federal Information Systems Management Act)

  • Keywords: Cloud Security, Application Security, (software) Architecture Review, Threat Modeling, Secure (environment) Architecture, Secure (software) Design, Incident Response, (application and network) Pentesting, Dynamic (security) Analysis, Static Analysis,
At Medallia, we celebrate diversity and recognize the value it brings to our customers and employees. Medallia is proud to be an equal opportunity workplace and is an affirmative action employer. Equal opportunity is afforded to all qualified applicants and employees. We do not discriminate on the basis of gender identity or expression, race, ethnicity, religion, national origin, age, sex, marital status, physical or mental disability, Veteran status, sexual orientation, and any other protected category. We also consider all qualified applicants regardless of criminal histories, consistent with legal requirements. 

Medallia is committed to working with and providing reasonable accommodation to applicants with disabilities in accordance with the American Disabilities Act and local disability laws. 

For information regarding how Medallia collects and uses personal information, please review our Privacy Policies.

Apply Today